From 99bfa76e82bdafbe5ea2bc908ec2790612d2ee37 Mon Sep 17 00:00:00 2001 From: Frank Brehm Date: Fri, 15 Oct 2021 11:38:06 +0200 Subject: [PATCH] Completing bin/get-ldap-membership
---
 bin/get-ldap-membership | 82 +++++++++++++++++++++++++++++++++++++++++ lib/functions.rc | 2 +- 2 files changed, 83 insertions(+), 1 deletion(-)
diff --git a/bin/get-ldap-membership b/bin/get-ldap-membership
index de6de3b..8e68722 100755
--- a/bin/get-ldap-membership
+++ b/bin/get-ldap-membership
@@ -110,11 +110,93 @@ usage() {
 }
+#------------------------------------------------------------------------------
+get_dn() {
+
+ local user_id="$1"
+ local dn=
+
+ local ldap_filter_oclass="(|"
+ local oclass=
+ local line=
+
+ for oclass in inetLocalMailRecipient inetMailingListUser inetOrgPerson \
+ inetResource mailGroupMember mailRecipient; do
+ ldap_filter_oclass+="(objectClass=${oclass})"
+ done
+ ldap_filter_oclass+=")"
+
+ local filter="(&${ldap_filter_oclass}(|(mail=${user_id})(mailAlternateAddress=${user_id})"
+ filter+="(mailEquivalentAddress=${user_id})(uid=${user_id})))"
+
+ info "Getting DN of LDAP-Object with E-Mail address or UID '${CYAN}${user_id}${NORMAL}' ..."
+
+ cmd="ldapsearch -LLL -o ldif-wrap=no -h \"${LDAP_HOST}\" -p ${LDAP_PORT} -b \"${LDAP_BASE}\""
+ cmd+=" -x -D \"${LDAP_USR}\" -y \"${LDAP_PWD_FILE}\" \"${filter}\" dn"
+ debug "Executing: ${cmd}"
+ for line in $( eval ${cmd} | grep -i '^dn:' | sed -e 's/^dn:[ ]*//i' ) ; do
+ echo "${line}"
+ done
+
+}
+
+#------------------------------------------------------------------------------
+search_memberships() {
+
+ local dn="$1"
+
+ info "Searching for groups with member '${CYAN}${dn}${NORMAL}' ..."
+ local ldap_filter_oclass="(|"
+ local oclass=
+
+ for oclass in groupOfNames groupOfUniqueNames; do
+ ldap_filter_oclass+="(objectClass=${oclass})"
+ done
+ ldap_filter_oclass+=")"
+
+ local filter="(&${ldap_filter_oclass}(|(uniqueMember=${dn})(member=${dn})))"
+ cmd="ldapsearch -LLL -o ldif-wrap=no -h \"${LDAP_HOST}\" -p ${LDAP_PORT} -b \"${LDAP_BASE}\""
+ cmd+=" -x -D \"${LDAP_USR}\" -y \"${LDAP_PWD_FILE}\" \"${filter}\""
+ cmd+=" dn cn description mail mailAlternateAddress mailEquivalentAddress"
+ debug "Executing: ${cmd}"
+ eval ${cmd}
+}
+
+#------------------------------------------------------------------------------
+search_user() {
+
+ local user_id="$1"
+ local dn=
+
+ local oifs="${IFS}"
+ IFS="
+"
+
+ echo
+ if echo "${user_id}" | grep -q -i "${LDAP_BASE}\$" ; then
+ dn="${user_id}"
+ info "Searching for user with DN '${CYAN}${dn}${NORMAL}' ..."
+ search_memberships "${dn}"
+ else
+ for dn in $( get_dn "${user_id}" ); do
+ info "Searching for user '${CYAN}${user_id}${NORMAL}' with DN '${CYAN}${dn}${NORMAL}' ..."
+ search_memberships "${dn}"
+ done
+ fi
+
+ IFS="${oifs}"
+
+}
+
 #------------------------------------------------------------------------------
 main() {
 get_options "$@"
+ local id
+ for id in "${SEARCH_IDS[@]}" ; do
+ search_user "${id}"
+ done
 }
diff --git a/lib/functions.rc b/lib/functions.rc
index ae808a0..99a4ee7 100644
--- a/lib/functions.rc
+++ b/lib/functions.rc
@@ -10,7 +10,7 @@ BLUE=""
 CYAN=""
 NORMAL=""
-VERSION="0.2.0"
+VERSION="0.2.1"
 STD_SHORT_OPTIONS="sdvhV"
 STD_LONG_OPTIONS="simulate,debug,verbose,nocolor,help,version"
-- 2.39.5
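Review bot: `get_dn` and `search_memberships` assemble the ldapsearch call as a string and run it with `eval ${cmd}`, so the command-line value in `${user_id}` / `${dn}` is parsed by the shell a second time: a `"`, backtick or `$(` in it ends the quoted filter argument and is interpreted as shell syntax instead of being passed as data. Build the command as an array and run `"${cmd[@]}"`, declaring it `local` (the patch leaves `cmd` global), as sketched below for `get_dn`; `search_memberships` needs the same change. The same value is also placed in the LDAP filter without RFC 4515 escaping, so `*`, `(`, `)` and `\` in the input alter the search filter and should be escaped (`\2a`, `\28`, `\29`, `\5c`) before `filter` is built. In `search_user`, `grep -q -i "${LDAP_BASE}\$"` treats the base DN as a regular expression; a suffix comparison on the lowercased strings would avoid that.

```shell
get_dn() {
    # … unchanged: locals, objectClass filter, filter construction, info message …
    local -a cmd=(
        ldapsearch -LLL -o ldif-wrap=no -h "${LDAP_HOST}" -p "${LDAP_PORT}"
        -b "${LDAP_BASE}" -x -D "${LDAP_USR}" -y "${LDAP_PWD_FILE}"
        "${filter}" dn
    )
    debug "Executing: ${cmd[*]}"
    for line in $( "${cmd[@]}" | grep -i '^dn:' | sed -e 's/^dn:[ ]*//i' ) ; do
    # … unchanged: echo "${line}" loop body and end of function …
```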